Stay Ahead of Compliance with Monthly Citation Updates


In your State Survey window and need a snapshot of your risks?

Survey Preparedness Report

One Time Fee
$79
  • Last 12 months of citation data in one tailored report
  • Pinpoint the tags driving penalties in facilities like yours
  • Jump to regulations and pathways used by surveyors
  • Access to your report within 2 hours of purchase
  • Easily share it with your team - no registration needed
Get Your Report Now →

Monthly citation updates straight to your inbox for ongoing preparation?

Monthly Citation Reports

$18.90 per month
  • Latest citation updates delivered monthly to your email
  • Citations organized by compliance areas
  • Shared automatically with your team, by area
  • Customizable for your state(s) of interest
  • Direct links to CMS documentation relevant parts
Learn more →

Save Hours of Work with AI-Powered Plan of Correction Writer


One-Time Fee

$49 per Plan of Correction
Volume discounts available – save up to 20%
  • Quickly search for approved POC from other facilities
  • Instant access
  • Intuitive interface
  • No recurring fees
  • Save hours of work
F0842
F

Failure to Secure Resident and Staff Protected Information After Shed Break-In

Modesto, California Survey Completed on 05-06-2025

Penalty

No penalty information released
tooltip icon
The penalty, as released by CMS, applies to the entire inspection this citation is part of, covering all citations and f-tags issued, not just this specific f-tag. For the complete original report, please refer to the 'Details' section.

Summary

The facility failed to protect and secure protected health information (PHI) for residents and private information for staff when two of seven storage sheds were broken into and remained unsecured for several days. During an observation, it was found that one shed was missing a door and was covered only by a wooden board, while the other had a door but no lock. Inside the first shed, there were filing cabinets containing over 200 files with resident medical records, including names, dates of birth, social security numbers, and medical diagnoses, as well as employee files with personal and employment information. The filing cabinets themselves were also not locked. Interviews with facility staff, including the Environmental Service Director (ESD), Medical Records Director (MRD), Assistant Director of Nursing (ADON), Director of Nursing (DON), and Administrator (ADM), revealed that several were unaware that the sheds contained PHI and staff private information. The ESD stated he did not know the contents of the sheds and that the sheds had remained unlocked since the break-in. The MRD, ADON, and DON all acknowledged that PHI and private information should be kept confidential and secure, and that it was unacceptable to store such information in an unsecured location. The ADM stated he had been informed by a previous Human Resources Manager that the sheds did not contain PHI or private information, and that staff should have inspected the filing cabinets to ensure the information was protected. A review of the facility's policy and procedure confirmed that all personnel are responsible for managing and protecting resident and facility information to prevent unauthorized release or disclosure. The HIPAA Privacy Rule was also referenced, which requires appropriate safeguards to protect the privacy of PHI. The failure to secure the sheds and filing cabinets containing sensitive information was directly observed and confirmed by multiple staff members.

See complete original report
An unhandled error has occurred. Reload 🗙